package org.example.mall.admin.util;

import org.example.mall.admin.configuration.exception.BaseException;
import org.example.mall.admin.model.enums.manage.LabelTypeEnum;
import org.example.mall.admin.model.enums.manage.TreeTypeEnum;
import org.springframework.security.access.expression.SecurityExpressionRoot;
import org.springframework.security.core.Authentication;

/**
 * @author hzq
 * @date 2022/1/8 16:33
 */
public class PermissionUtil {

    public static boolean hasAuthority(String authority) {
        Authentication authentication = SecurityUtil.getAuthentication();
        if (authentication == null) {
            return false;
        }
        return new Permission(authentication).hasAuthority(authority);
    }

    public static boolean hasAnyAuthority(String... authorities) {
        Authentication authentication = SecurityUtil.getAuthentication();
        if (authentication == null) {
            return false;
        }
        return new Permission(authentication).hasAnyAuthority(authorities);
    }

    /**
     * 校验是否拥有素材管理权限
     *
     * @param treeId 分类id
     */
    public static void checkFileMaterial(Integer treeId) {
        if (treeId != null) {
            hasAuthority("material_manage");
        }
    }

    /**
     * 校验分类树相关权限
     *
     * @param treeType         分类类型
     * @param permissionSuffix 权限后缀
     */
    public static void checkSysTree(Integer treeType, String permissionSuffix) {
        TreeTypeEnum treeTypeEnum = null;
        TreeTypeEnum[] values = TreeTypeEnum.values();
        for (TreeTypeEnum value : values) {
            if (value.getType().equals(treeType)) {
                treeTypeEnum = value;
                break;
            }
        }
        if (treeTypeEnum == null) {
            throw new BaseException("不支持分类类型");
        }
        // 拥有分类树的全部权限
        if (hasAuthority("sys_tree_all")) {
            return;
        }
        String permissionPrefix = treeTypeEnum.getPermissionPrefix();
        if (permissionPrefix == null) {
            return;
        }
        String permission = permissionPrefix + permissionSuffix;
        if (!hasAuthority(permission)) {
            throw new BaseException("权限不足");
        }
    }

    /**
     * 校验标签相关权限
     *
     * @param labelType        标签类型
     * @param permissionSuffix 权限后缀
     */
    public static void checkSysLabel(Integer labelType, String permissionSuffix) {
        LabelTypeEnum labelTypeEnum = null;
        LabelTypeEnum[] values = LabelTypeEnum.values();
        for (LabelTypeEnum value : values) {
            if (value.getType().equals(labelType)) {
                labelTypeEnum = value;
                break;
            }
        }
        if (labelTypeEnum == null) {
            throw new BaseException("不支持标签类型");
        }
        // 拥有标签的全部权限
        if (hasAuthority("sys_label_all")) {
            return;
        }
        String permissionPrefix = labelTypeEnum.getPermissionPrefix();
        if (permissionPrefix == null) {
            return;
        }
        String permission = permissionPrefix + permissionSuffix;
        if (!hasAuthority(permission)) {
            throw new BaseException("权限不足");
        }
    }


    static class Permission extends SecurityExpressionRoot {

        /**
         * Creates a new instance
         *
         * @param authentication the {@link Authentication} to use. Cannot be null.
         */
        public Permission(Authentication authentication) {
            super(authentication);
        }
    }
}
